Scabbard: An Exploratory Study on Hardware Aware Design Choices of Learning with Rounding-based Key Encapsulation Mechanisms

Suparna Kundu, Quinten Norga, Angshuman Karmakar, Shreya Gangopadhyay, Jose Maria Bermudo Mera, Ingrid Verbauwhede
Published in: arXiv - CS - Cryptography and Security
Publication date: 2024-09-14
DOI: arxiv-2409.09481 (https://doi.org/arxiv-2409.09481)
Citations: 0

Abstract

Scabbard: An Exploratory Study on Hardware Aware Design Choices of Learning with Rounding-based Key Encapsulation Mechanisms
Recently, the construction of cryptographic schemes based on hard lattice problems has gained immense popularity. Apart from being quantum resistant, lattice-based cryptography allows a wide range of variations in the underlying hard problem. As cryptographic schemes can work in different environments under different operational constraints such as memory footprint, silicon area, efficiency, power requirement, etc., such variations in the underlying hard problem are very useful for designers to construct different cryptographic schemes. In this work, we explore various design choices of lattice-based cryptography and their impact on performance in the real world. In particular, we propose a suite of key-encapsulation mechanisms based on the learning with rounding problem with a focus on improving different performance aspects of lattice-based cryptography. Our suite consists of three schemes. Our first scheme is Florete, which is designed for efficiency. The second scheme is Espada, which is aimed at improving parallelization, flexibility, and memory footprint. The last scheme is Sable, which can be considered an improved version in terms of key sizes and parameters of the Saber key-encapsulation mechanism, one of the finalists in the National Institute of Standards and Technology's post-quantum standardization procedure. In this work, we have described our design rationale behind each scheme. Further, to demonstrate the justification of our design decisions, we have provided software and hardware implementations. Our results show Florete is faster than most state-of-the-art KEMs on software and hardware platforms. The scheme Espada requires less memory and area than the implementation of most state-of-the-art schemes. The implementations of Sable maintain a trade-off between Florete and Espada regarding performance and memory requirements on the hardware and software platform.